New Kubernetes security audit complete and open sourced
By Chris Aniszczyk (@cra) and Rey Lejano In 2018, the Cloud Native Computing Foundation (CNCF) started performing and open sourcing third-party security audits with the goal of improving the overall security practices of our ecosystem. Since…
CNCF fuzzing open source projects for security and reliability
By Chris Aniszczyk, Adam Korczynski, David Korczynski Introduction In this blog post we will present an overview of the state of fuzzing CNCF projects. We published a blog post on this in June 2022 titled Improving…
Stability and scalability assessment of KubeVela
Guest post by Da Yin, infra engineer at Alibaba Cloud and KubeVela maintainer Background With the release of v1.8, KubeVela, the OAM-based application delivery project, has been continuously evolving for over 3 years. It is now…
CNCF On-Demand Webinar: 5 Key Steps to Securing a Default Kubernetes Cluster
Many day-to-day users of Kubernetes call it a win just to have their applications successfully up-and-running without any errors. Any further thoughts of best practices or security often gets pushed to the back burner. With a…
Super bot for Kubernetes clusters
Guest post by: One stop shop messaging bot for monitoring, notifying and debugging anywhere, anytime. Bots have been around humans for a while now and used for variety of purposes. The most common ones are notification…
KubeGateway: A customized seven-layer Load Balancer for kube-apiserver
Guest post originally published on ByteDance’s blog by Jun Zhang KubeGateway is a seven-layer load balancer specially customized by ByteDance for kube-apiserver traffic characteristics. It completely solves the problem of kube-apiserver load imbalance. For the first…
2022 Kubernetes vulnerabilities – Main takeaways
Guest post originally published on ARMO’s blog by Ben Hirschberg All the main K8s vulnerabilities from 2022 consolidated into one article. Put together by Ben Hirschberg, CTO & co-founder of ARMO. During 2022, Kubernetes continued to cement itself…
CNCF On-Demand Webinar: Taking full advantage of gRPC
gRPC is a critical component in the cloud-native ecosystem, but many folks aren’t using its full potential. In this presentation, we’ll cover overlooked or undiscovered gRPC functionality with examples from Go projects such clair, etcd, and…
Support for 100 Large-Scale Clusters: Test Report on Karmada
Guest post by Kevin Wang TL;DR Cloud native implementations, growing in scale and complexity, are challenging organizations on how to efficiently, reliably manage large-scale resource pools to meet growing demands. Players in the cloud field attempted…
Demonstrating your K8s scheduler with kube-scheduler-simulator in a real cluster
Guest post originally published on the Miraxia blog by Takuma Kawai In the previous post, I wrote how we can develop our own scheduler with kube-scheduler-simulator. If you could implemented your new scheduler, you may want to try…